EP0966711A1 - Micro-ordinateur equipe d'une gestion memoire - Google Patents
Micro-ordinateur equipe d'une gestion memoireInfo
- Publication number
- EP0966711A1 EP0966711A1 EP98909336A EP98909336A EP0966711A1 EP 0966711 A1 EP0966711 A1 EP 0966711A1 EP 98909336 A EP98909336 A EP 98909336A EP 98909336 A EP98909336 A EP 98909336A EP 0966711 A1 EP0966711 A1 EP 0966711A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- vector
- memory area
- mmu
- program
- library
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1416—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
- G06F12/1425—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
- G06F12/1441—Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range
Definitions
- the currently running program has control over the computer or the memory and other peripheral devices contained in it and connected to it. This means, inter alia, that the address of a memory which is contained in a program instruction is always jumped to, irrespective of whether the memory area containing this address should be available to the program or not.
- MMU memory management unit
- Each application receives an entry in the MMU, whereby it is recorded in which memory the application is located, at which address it starts, how long it is and which access rights exist.
- the user must enter this data when writing his application or program into the memory of the microcomputer.
- the application program then only has access rights to memory areas within the start address specified by the above and length defined range.
- the entry in the MMU thus describes a property of a program stored in a data storage segment.
- the area in which this entry is located in the MMU is therefore called the segment descriptor.
- Each call of an address by the program is checked by the MMU and the call is only granted if the address is within the permitted range, otherwise the program run is aborted or an error message is issued.
- the user programs usually have subroutines. It often happens that different users require the same subroutines and, as a result of the safety precautions explained above, these subroutines are present several times. This requires an unnecessarily large amount of storage space.
- the object of the present invention is therefore to specify a microprocessor which allows access by user programs to library programs, but is protected against manipulation.
- the microcomputer according to the invention is not a direct one
- a vector number is specified in the call command in addition to the name of the MMU segment descriptor describing the library program.
- the name of the MMU segment descriptor can be a number or a name, for example.
- the MMU checks whether the specified vector number occurs at all and whether it belongs to the library program called up. If the test result is positive, access to a vector memory area is permitted, the start address and length of which are stored in the MMU segment descriptor. Only in this vector memory area, which contains the vector number on the one hand, is there also a jump address or the address of a jump command - that is, a vector - to the library program start address. This effectively prevents a user from jumping directly into the library program and possibly bypassing safety routines.
- FIG. 1 shows a block diagram of a microcomputer in a schematic representation
- Figure 2 shows a schematic representation of the assignment of user programs to the contents of the MMU segment descriptors
- Figure 3 shows a schematic representation of the way to call a library program.
- FIG. 1 shows the components of a microcomputer in a highly schematic manner.
- a central processing unit CPU is connected to a memory management unit MMU via an address bus.
- the MMU is in turn connected to the microcomputer-internal address bus, to which the memories ROM, RAM and EEPROM and an input / output unit I / O are connected.
- Any other units customary in microcomputers can also be present, but these are not shown since they have no relation to the invention.
- the control and data buses were also not shown.
- the microcomputer according to the invention should have all the components necessary for its function, known from the prior art.
- the CPU creates logical addresses on the MMU, while the MMU determines the physical addresses from them and applies them to the memories.
- the MMU is equipped with memory locations for segment descriptors in which the start address, length and access rights assigned to an application program A, B are entered.
- the MMU will also have an adder, not shown, in order to be able to determine the physical address from the logical address by adding the start address of a user program.
- the segments for two user programs A and B are shown by way of example, program A starting at an address 50,000 and having a length of 3,500 addresses, while program B starting at an address 120,000 and having a length of 5,000 addresses.
- addresses between 0 and 3,499 are called up according to the length of the program. These logical addresses are fed to the MMU, which adds the initial value 50,000 and applies the physical address thus obtained to the internal address bus.
- the MMU previously checks whether the logical address is in the address area that corresponds to the length stored in the MMU segment descriptor.
- the MMU segment descriptor can be designed as a memory register, for example. For this check, comparators (not shown) are available in the MMU, to which the current address on the one hand and the edge addresses of the current program on the other are created. If the program calls a higher or a lower address, an abort or an error message or something similar occurs.
- Access rights are entered in a further area of an MMU segment descriptor, so that it can be determined whether certain address areas can only be read or read and write accessed.
- FIG. 3 now shows the expansion of a known microcomputer according to the invention.
- a memory area is also provided here for subroutines accessible to all users, that is to say a library program memory area. Any memory can be used for this.
- FIG. 3 shows a write and an erase program in the library program memory at the addresses 1,050 and 3,000.
- a user program cannot jump to these addresses directly, since otherwise an undefined entry into these programs would be possible - bypassing safety precautions.
- a vector memory area is provided in which vector numbers and the associated start addresses of the library programs are entered as jump destinations (vectors) 1050, 3000.
- the address of a jump instruction leading to the subroutine could also be stored.
- the name of the subroutine can be entered as an identifier, as shown in Figure 3. However, this is not necessary.
- a user does not find out the actual physical address of a library program.
- this also has the advantage that these programs can be moved as required by the operating system without the user programs having to be changed. Then only the jump destination in the vector memory area has to be changed.
- Every library program memory area can be entered in the MMU just like any other program.
- each library program memory area is assigned a vector memory area in which the vectors are entered on the library programs located in the library program memory area. The entry is made by specifying the start address and length of the vector memory area.
- the vector memory area can also be entered in a segment descriptor of the MMU, in which case the start address and length of the library program memory area are entered in the segment descriptor. It is also possible to combine the vector memory area and the library program memory area and in
- Segmant descriptor to specify a start address and two lengths.
- the library program is called by a user program by specifying the MMU segment descriptor name, such as the library program name or a number and the vector number.
- the MMU then checks whether the vector number even exists in the vector memory area and whether the called program name matches the entry assigned to the vector number. The corresponding address is only addressed in the vector memory area if the result of the test is positive, and only then does it jump to the library program itself.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- Executing Machine-Instructions (AREA)
- Stored Programmes (AREA)
- Communication Control (AREA)
- Document Processing Apparatus (AREA)
- Bus Control (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE19709975A DE19709975C2 (de) | 1997-03-11 | 1997-03-11 | Mikrocomputer |
DE19709975 | 1997-03-11 | ||
PCT/DE1998/000319 WO1998040821A1 (fr) | 1997-03-11 | 1998-02-05 | Micro-ordinateur equipe d'une gestion memoire |
Publications (2)
Publication Number | Publication Date |
---|---|
EP0966711A1 true EP0966711A1 (fr) | 1999-12-29 |
EP0966711B1 EP0966711B1 (fr) | 2009-07-22 |
Family
ID=7822960
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP98909336A Expired - Lifetime EP0966711B1 (fr) | 1997-03-11 | 1998-02-05 | Micro-ordinateur equipe d'une gestion memoire |
Country Status (11)
Country | Link |
---|---|
US (1) | US6487649B1 (fr) |
EP (1) | EP0966711B1 (fr) |
JP (1) | JP3369190B2 (fr) |
KR (1) | KR100416447B1 (fr) |
CN (1) | CN1130640C (fr) |
AT (1) | ATE437404T1 (fr) |
BR (1) | BR9808847A (fr) |
DE (2) | DE19709975C2 (fr) |
RU (1) | RU2198424C2 (fr) |
UA (1) | UA55445C2 (fr) |
WO (1) | WO1998040821A1 (fr) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE19846676C1 (de) * | 1998-10-09 | 2000-03-02 | Siemens Ag | Verfahren zur Absicherung von Einsprungsadressen |
KR100505106B1 (ko) * | 2002-05-29 | 2005-07-29 | 삼성전자주식회사 | 강화된 보안 기능을 갖춘 스마트 카드 |
US7281103B2 (en) * | 2003-10-01 | 2007-10-09 | Kabushiki Kaisha Toshiba | Microcomputer with a security function for accessing a program storage memory |
GB2434897B (en) * | 2004-11-11 | 2009-04-22 | Japan Science & Tech Agency | Computing system, computing method, user program system, library program system, program, and storage medium containing program |
EP1840819B1 (fr) * | 2006-03-29 | 2008-12-31 | Sony Deutschland Gmbh | Ecriture de données dans des systèmes avec restriction d'alignement ou à base de vecteurs |
DE102008048066B4 (de) | 2008-09-19 | 2018-02-01 | Texas Instruments Deutschland Gmbh | Zugriffssteuerschaltung zur Verwendung mit einer Überwachungs-Logikschaltungsanordnung in einem Verfahren zum Schutz von Software für eingebettete Anwendungen vor unerlaubtem Zugriff |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4087856A (en) * | 1976-06-30 | 1978-05-02 | International Business Machines Corporation | Location dependence for assuring the security of system-control operations |
DE3709205A1 (de) * | 1985-09-21 | 1988-09-29 | Kirchner Hans Wilhelm | Schutzschaltung fuer informationsdaten im arbeitsspeicher |
IN169635B (fr) * | 1987-07-01 | 1991-11-23 | Digital Equipment Corp | |
EP0526114A1 (fr) * | 1991-07-29 | 1993-02-03 | Motorola, Inc. | Procédé et dispositif de traduction d'adresses avec descripteurs de page indirects à protection masquée |
FR2683357A1 (fr) * | 1991-10-30 | 1993-05-07 | Philips Composants | Microcircuit pour carte a puce a memoire programmable protegee. |
US5325496A (en) * | 1991-12-24 | 1994-06-28 | Intel Corporation | Selectable pointer validation in a computer system |
JPH05225361A (ja) * | 1992-02-07 | 1993-09-03 | Mitsubishi Electric Corp | レジスタ書換え方式 |
-
1997
- 1997-03-11 DE DE19709975A patent/DE19709975C2/de not_active Expired - Fee Related
-
1998
- 1998-02-05 RU RU99121188/09A patent/RU2198424C2/ru not_active IP Right Cessation
- 1998-02-05 BR BR9808847-5A patent/BR9808847A/pt not_active IP Right Cessation
- 1998-02-05 WO PCT/DE1998/000319 patent/WO1998040821A1/fr active IP Right Grant
- 1998-02-05 EP EP98909336A patent/EP0966711B1/fr not_active Expired - Lifetime
- 1998-02-05 JP JP53904898A patent/JP3369190B2/ja not_active Expired - Fee Related
- 1998-02-05 DE DE59814378T patent/DE59814378D1/de not_active Expired - Lifetime
- 1998-02-05 KR KR10-1999-7008214A patent/KR100416447B1/ko not_active IP Right Cessation
- 1998-02-05 CN CN98803238A patent/CN1130640C/zh not_active Expired - Lifetime
- 1998-02-05 AT AT98909336T patent/ATE437404T1/de not_active IP Right Cessation
- 1998-05-02 UA UA99095020A patent/UA55445C2/uk unknown
-
1999
- 1999-09-13 US US09/395,998 patent/US6487649B1/en not_active Expired - Lifetime
Non-Patent Citations (1)
Title |
---|
See references of WO9840821A1 * |
Also Published As
Publication number | Publication date |
---|---|
BR9808847A (pt) | 2000-10-03 |
JP2001519940A (ja) | 2001-10-23 |
EP0966711B1 (fr) | 2009-07-22 |
UA55445C2 (uk) | 2003-04-15 |
WO1998040821A1 (fr) | 1998-09-17 |
ATE437404T1 (de) | 2009-08-15 |
DE19709975C2 (de) | 1999-04-22 |
CN1130640C (zh) | 2003-12-10 |
DE19709975A1 (de) | 1998-09-24 |
RU2198424C2 (ru) | 2003-02-10 |
US6487649B1 (en) | 2002-11-26 |
DE59814378D1 (de) | 2009-09-03 |
KR20000076125A (ko) | 2000-12-26 |
CN1250531A (zh) | 2000-04-12 |
JP3369190B2 (ja) | 2003-01-20 |
KR100416447B1 (ko) | 2004-01-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0813714B1 (fr) | Systeme multi-utilisateur de traitement de donnees avec protection de memoire | |
EP0512542B1 (fr) | Circuit à micro-processeur protégeant les données pour des supports de données portables, par example cartes de crédit | |
DE69223920T2 (de) | Mikroschaltung für eine Chipkarte mit einem geschützten, programmierbaren Speicher | |
DE69123775T2 (de) | Programmsteuersystem für eine tragbare Datenspeichervorrichtung | |
DE3048365C2 (fr) | ||
EP0951673B1 (fr) | Procede de controle de l'execution de programmes logiciels determines | |
DE102005022893B3 (de) | Verfahren zum Zugreifen auf Speicherbereiche einer Speicherkarte durch eine anfordernde Anwendung und Speicherkarte | |
EP1358558B1 (fr) | Circuit de microprocesseur destiné a des supports de données et procedé permettant d'organiser l'accès a des données archivées dans la mémoire | |
DE4331703C2 (de) | Elektronische Einrichtung | |
EP0766211A2 (fr) | Carte à circuit intégré multifonctionnelle | |
WO2001001258A1 (fr) | Procede d'acces a une memoire et unite de memoire destinee a cet effet | |
DE10164422A1 (de) | Verfahren und Anordnung zum Beschreiben von NV-Memories in einer Controller-Architektur sowie ein entsprechendes Computerprogrammprodukt und ein entsprechendes computerlesbares Speichermedium | |
EP0935214B1 (fr) | Carte à puce avec circuit intégré | |
DE69602984T2 (de) | Verfahren zum Schützen nichtflüchtiger Speicherbereiche | |
DE68928608T2 (de) | Versichertes Fernladungssystem eines Terminals | |
EP0966711B1 (fr) | Micro-ordinateur equipe d'une gestion memoire | |
DE29521444U1 (de) | Anordnung mit Master- und Slave-Einheiten | |
DE3333894C2 (fr) | ||
DE102013016114B3 (de) | Bussystem und Verfahren für geschützte Speicherzugriffe | |
DE3210616A1 (de) | Rechner | |
WO2003027815A2 (fr) | Unite commandee par programme | |
DE19612439C2 (de) | Halbleiterspeichervorrichtung | |
DE19925195A1 (de) | Verfahren für die sichere Verwaltung eines Speichers | |
DE102017007022A1 (de) | Programmierbare Steuervorrichtung | |
DE4440789B4 (de) | Slave-Einheit |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 19990903 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT CH DE ES FR GB IT LI |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: INFINEON TECHNOLOGIES AG |
|
17Q | First examination report despatched |
Effective date: 20070129 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SIEMENS AG Owner name: INFINEON TECHNOLOGIES AG |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
GRAA | (expected) grant |
Free format text: ORIGINAL CODE: 0009210 |
|
AK | Designated contracting states |
Kind code of ref document: B1 Designated state(s): AT CH DE ES FR GB IT LI |
|
REG | Reference to a national code |
Ref country code: GB Ref legal event code: FG4D Free format text: NOT ENGLISH |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: EP |
|
REF | Corresponds to: |
Ref document number: 59814378 Country of ref document: DE Date of ref document: 20090903 Kind code of ref document: P |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: ES Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT Effective date: 20091102 |
|
PLBE | No opposition filed within time limit |
Free format text: ORIGINAL CODE: 0009261 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: FR Payment date: 20100305 Year of fee payment: 13 |
|
RAP2 | Party data changed (patent owner data changed or rights of a patent transferred) |
Owner name: SIEMENS AKTIENGESELLSCHAFT Owner name: INFINEON TECHNOLOGIES AG |
|
26N | No opposition filed |
Effective date: 20100423 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: GB Payment date: 20100212 Year of fee payment: 13 |
|
REG | Reference to a national code |
Ref country code: CH Ref legal event code: PL |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: LI Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20100228 Ref country code: CH Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20100228 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20100205 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: AT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20100205 |
|
GBPC | Gb: european patent ceased through non-payment of renewal fee |
Effective date: 20110205 |
|
REG | Reference to a national code |
Ref country code: FR Ref legal event code: ST Effective date: 20111102 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: FR Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20110228 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: GB Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20110205 |
|
PG25 | Lapsed in a contracting state [announced via postgrant information from national office to epo] |
Ref country code: IT Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES Effective date: 20110205 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: IT Payment date: 20100224 Year of fee payment: 13 |
|
PGFP | Annual fee paid to national office [announced via postgrant information from national office to epo] |
Ref country code: DE Payment date: 20170425 Year of fee payment: 20 |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R071 Ref document number: 59814378 Country of ref document: DE |